Privacy Policy

Effective Date: April 28, 2026
Last Updated: April 28, 2026

1. Introduction

EMAK Telecom Inc. (“EMAK Telecom,” “we,” “us,” or “our”) is a Canadian business-to-business (B2B) SaaS provider of Voice over Internet Protocol (VoIP) communication services. We are committed to protecting the privacy and security of personal information in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable Canadian privacy legislation.

This Privacy Policy explains how we collect, use, disclose, retain, and protect personal information in connection with our platform and services.

2. Scope

This policy applies to:

Business customers (“Customers”) who subscribe to our VoIP platform.
Authorized end users of our Customers’ accounts (“End Users”).
Visitors to our website and marketing channels.
Individuals whose personal information may be captured through VoIP communications processed on our platform (e.g., call participants).

EMAK Telecom acts as a service provider (processor) of call data on behalf of our Customers. Our Customers are responsible for obtaining any required consents from their own end users and call participants.

3. Information We Collect

3.1 Account and Business Information

Customer organization name, billing address, and business contact details.
Authorized user names, email addresses, phone numbers, and role assignments.
Billing and payment information (processed via third-party payment processors).

3.2 Call Detail Records (CDRs) and Metadata

Call origin and destination numbers.
Call date, time, duration, and status.
Access history and login activity (timestamps, IP addresses, device/browser information).

3.3 Call Recordings (Optional)

Audio recordings of calls, collected only when the Customer enables the call recording feature within their account settings.
Customers are solely responsible for informing call participants of any recording and obtaining consent where required by law.

3.4 AI-Processed Data

Call transcriptions, summaries, sentiment analysis, and other AI-generated insights derived from call recordings or metadata, where such features are enabled by the Customer.
AI-processed outputs are generated from Customer data and are treated with the same level of confidentiality and protection as the source data.

3.5 Technical and Usage Data

Platform usage analytics (e.g., feature usage, session duration).
Error logs and performance diagnostics.

4. How We Use Personal Information

We use personal information for the following purposes:

Service delivery: Provisioning, operating, and maintaining VoIP services for our Customers.
Call processing: Routing, connecting, and logging calls; generating call detail records.
AI features: Providing transcription, summarization, sentiment analysis, and other AI-powered insights when enabled by the Customer.
Account management: Authenticating users, managing subscriptions, and processing billing.
Platform improvement: Analyzing aggregated and de-identified usage data to improve service quality, reliability, and feature development.
Security and compliance: Detecting and preventing fraud, abuse, and unauthorized access; complying with legal obligations.
Customer support: Responding to inquiries and resolving technical issues.

We do not use Customer call recordings or AI-generated outputs to train machine learning models unless explicitly authorized in writing by the Customer.

5. Disclosure of Personal Information

We do not sell personal information. We may disclose personal information to the following categories of recipients:

5.1 Sub-Processors and Infrastructure Providers

We use the following third-party infrastructure to host and deliver our services:

Cloudflare, Inc. — Content delivery, DDoS protection, and edge networking.
Amazon Web Services (AWS) — Amazon S3 — Encrypted object storage for call recordings, CDRs, and platform data.

All data processed by these providers is stored in Canada. We maintain data processing agreements with each sub-processor to ensure PIPEDA-compliant handling of personal information.

5.2 Payment Processors

Billing and payment information is processed by third-party payment providers. EMAK Telecom does not store full credit card numbers or banking credentials on its systems.

5.3 Legal and Regulatory Disclosure

We may disclose personal information where required or permitted by law, including in response to valid court orders, subpoenas, or requests from Canadian regulatory authorities.

6. Data Storage and Residency

All Customer data — including account information, call detail records, call recordings, and AI-processed outputs — is stored and processed exclusively within Canada.

We do not transfer personal information outside of Canada unless required by a Customer’s explicit configuration and with appropriate safeguards in place.

7. Data Retention

We retain personal information only for as long as necessary to fulfill the purposes described in this policy or as required by law.

Account data: Retained for the duration of the Customer’s subscription and for a reasonable period afterward for billing, audit, and legal purposes.
Call detail records: Retained in accordance with the Customer’s configured retention settings or applicable regulatory requirements.
Call recordings: Retained in accordance with the Customer’s configured retention settings. Customers may delete recordings at any time through the platform.
AI-generated outputs: Retained for the same period as the underlying source data, unless the Customer deletes them sooner.

Upon termination of a Customer account, we will delete or anonymize all associated personal information within 90 days, unless retention is required by law.

8. Security Safeguards

We implement appropriate technical and organizational measures to protect personal information, including:

Encryption of data in transit (TLS 1.2+) and at rest (AES-256).
Role-based access controls and multi-factor authentication.
Regular security assessments and vulnerability testing.
Logging and monitoring of access to systems containing personal information.
Incident response procedures for prompt detection and notification of data breaches.

9. Individual Rights Under PIPEDA

Individuals have the following rights with respect to their personal information held by EMAK Telecom:

Access: You may request access to the personal information we hold about you.
Correction: You may request correction of inaccurate or incomplete personal information.
Withdrawal of consent: You may withdraw consent for certain uses of your personal information, subject to legal or contractual restrictions.
Complaint: You may file a complaint with the Office of the Privacy Commissioner of Canada if you believe your privacy rights have been violated.

Because EMAK Telecom processes most personal information on behalf of our Customers, individuals who are end users or call participants should direct privacy requests to the relevant EMAK Telecom Customer in the first instance. We will cooperate with Customers to fulfill such requests.

To exercise your rights directly with EMAK Telecom, contact our Privacy Officer (see Section 12).

10. Cookies and Website Tracking

Our website may use cookies and similar technologies for:

Essential site functionality and security.
Analytics to understand how visitors interact with our website.

We do not use cookies for third-party advertising. Visitors may manage cookie preferences through their browser settings.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify Customers of material changes via email or through the platform. The “Last Updated” date at the top of this policy indicates the most recent revision.

12. Contact Us

If you have questions, concerns, or requests related to this Privacy Policy or our privacy practices, please contact:

Privacy Officer
EMAK Telecom Inc.
Email: privacy@emak.tech

Address
130-10330 Ch De La Côte-de-Liesse
Montreal, QC H8T 1A3
Canada